6 research outputs found
On the Completeness of Verifying Message Passing Programs under Bounded Asynchrony
We address the problem of verifying message passing programs, defined as a
set of parallel processes communicating through unbounded FIFO buffers. We
introduce a bounded analysis that explores a special type of computations,
called k-synchronous. These computations can be viewed as (unbounded) sequences
of interaction phases, each phase allowing at most k send actions (by different
processes), followed by a sequence of receives corresponding to sends in the
same phase. We give a procedure for deciding k-synchronizability of a program,
i.e., whether every computation is equivalent (has the same happens-before
relation) to one of its k-synchronous computations. We also show that
reachability over k-synchronous computations and checking k-synchronizability
are both PSPACE-complete. Furthermore, we introduce a class of programs called
{\em flow-bounded} for which the problem of deciding whether there exists a k>0
for which the program is k-synchronizable, is decidable
On the Completeness of Verifying Message Passing Programs Under Bounded Asynchrony
International audienceWe address the problem of verifying message passing programs , defined as a set of processes communicating through unbounded FIFO buffers. We introduce a bounded analysis that explores a special type of computations, called k-synchronous. These computations can be viewed as (unbounded) sequences of interaction phases, each phase allowing at most k send actions (by different processes), followed by a sequence of receives corresponding to sends in the same phase. We give a procedure for deciding k-synchronizability of a program, i.e., whether every computation is equivalent (has the same happens-before relation) to one of its k-synchronous computations. We show that reachability over k-synchronous computations and checking k-synchronizability are both PSPACE-complete
A semantics comparison workbench for a concurrent, asynchronous, distributed programming language
A number of high-level languages and libraries have been proposed that offer
novel and simple to use abstractions for concurrent, asynchronous, and
distributed programming. The execution models that realise them, however, often
change over time---whether to improve performance, or to extend them to new
language features---potentially affecting behavioural and safety properties of
existing programs. This is exemplified by SCOOP, a message-passing approach to
concurrent object-oriented programming that has seen multiple changes proposed
and implemented, with demonstrable consequences for an idiomatic usage of its
core abstraction. We propose a semantics comparison workbench for SCOOP with
fully and semi-automatic tools for analysing and comparing the state spaces of
programs with respect to different execution models or semantics. We
demonstrate its use in checking the consistency of properties across semantics
by applying it to a set of representative programs, and highlighting a
deadlock-related discrepancy between the principal execution models of SCOOP.
Furthermore, we demonstrate the extensibility of the workbench by generalising
the formalisation of an execution model to support recently proposed extensions
for distributed programming. Our workbench is based on a modular and
parameterisable graph transformation semantics implemented in the GROOVE tool.
We discuss how graph transformations are leveraged to atomically model
intricate language abstractions, how the visual yet algebraic nature of the
model can be used to ascertain soundness, and highlight how the approach could
be applied to similar languages.Comment: Accepted by Formal Aspects of Computin
Automated deductive verification of systems software
Software has become an integral part of our everyday lives, and so is our reliance on his correct functioning. Systems software lies at the heart of computer systems, consequently ensuring its reliability and security is of paramount importance. This thesis explores automated deductive verification for increasing reliability and security of systems software. The thesis is comprised of the three main threads. The first thread describes how the state-of-the art deductive
verification techniques can help in developing more secure operating system. We have developed a prototype of an Android-based operating system with strong assurance guarantees. Operating systems code heavily relies on mutable data structures. In our experience, reasoning about such pointer-manipulating programs was the hardest aspect of the operating system verification effort because correctness criteria describes intricate combinations of structure (shape), content (data), and separation. Thus, in the second thread, we explore design and development of an automated verification system for assuring correctness of pointer-manipulating programs using an extension of Hoare’s logic for reasoning about programs that access and update heap allocated data-structures. We have developed a verification framework that allows reasoning about C programs using only domain specific code annotations. The same thread contains a novel idea that enables efficient runtime checking of assertions that can express properties of dynamically manipulated linked-list data structures. Finally, we describe the work that paves a new way for reasoning about distributed protocols. We propose certified program models, where an executable language (such as C) is used for modelling – an executable language enables testing, and emerging program verifiers for mainstream executable languages enable certification of such models. As an instance of this approach, concurrent C code is used for modelling and a program verifier for concurrent C (VCC from Microsoft Research) is used for certification of new class of systems software that serves as a backbone for efficient distributed data storage